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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings* of claims in the application: 
Listing of Claims: 

1. (Currently Amended) A computer-implemented method for using 
workflows to perform a task, the method comprising: 

associating each workflow of a plurality of workflows with ono ormoro a 
correspon ding domain of a plurality of domains in an identity system, each domain of said 
plurality of domains comprising one or more entities and each workflow of said plurality of 
workflows using different predefined set of steps to perform the task: 

receiving a request to perform [[a]] said task that affects at least one identity 
profile associated with an entity in said identity system; 

determining from said ono or moro plurality of domains, a domain that includes 
said entity with which said at least one identity profile is associated; 

determining [[a]] from said plurality set of workflow s, a workflow associated with 
said domain and capable of performing said task; 

outputting said act of workflowo to a uoor; 

r e o e iving from - said user a polootion of a first workflow from said aot of 
workflows;-ond 

performing said fest workflow for said task; wherein: 

wherein said performing comprises executing said predefined set of steps of said 
workflow to perform said task: and 

said request includes an identification of said at least one identity profile. 

2. (Currently Amended) A method according to claim 1 , wherein: 

said step of associating includes associating said &st workflow with said domain, 
said step of associating said fcs* workflow includes choosing a first entry in said data structure, 
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said data structure is a hierarchical data structure of entities in said identity system, said domain 
includes said first entry and entries below said first entry. 

3.-4. (Canceled) 

5. (Currently Amended) A method according to claim 1, wherein: 
said roquout task is a request task to delete said at least one identity profile. 

6. (Currently Amended) A method according to claim 1, wherein: 
said r eq uest task is a request task to modify said at least one identity profile. 

7. -8. (Canceled) 

9. (Original) A method according to claim 1, wherein: 

said steps of associating, receiving and performing are performed by an integrated 
identity and access system, 

i 

10. (Original) A method according to claim 1, wherein: 
said request is for self-registration. 

11. (Currently Amended) A method according to claim 1 3 wherein: 
said request is from a parent workflow; and 

said fifst workflow is a sub-workflow to said parent workflow. 

12. (Canceled) 

13. (Previously Presented) A method according to claim 2, wherein: 
said hierarchical data structure includes an LD AP directory. 

14. (Currently Amended) One or more processor readable storage devices 
storing plurality of instructions causing a processor to use workflows for performing tasks a task, 
said plurality of instructions comprising code for: 

associating each workflow of a plurality of workflows with ono or moro a 
corresponding domai n of a plurality of domains in an identity system, each domain of said 
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plurality of domains comprising one or more entities and each workflow of said plurality of 
workflows using different predefined set of steps to perform the task: 

receiving a request to perform [[a]] said task that affects at least one identity 
profile associated with an entity in said identity system; 

determining from said oneor - mo re plurality of domains, a domain that includes 
said entity with which said at least one identity profile is associated; 

determining [[a]] from said plurality set of workflow s, a workflow associated with 
said domain and capable of performing said task] 

outputting oaid pot of workflows to a us e r? 

r e c e iving from paid user a selection of a first worlcflow from caid sot of 
workflow s ; and 

performing said fest workflow for said task; whoroin: 

wherein said performing comprises executinpisaid predefined set of steps of said 
workflow to perform said task^ and 

said request includes an identification of said at lpast one identity profile. 

15. (Currently Amended) One or more processor readable storage devices 
according to claim 1 4, wherein: 

said step of associating includes associating said &st workflow with said domain, 
said step of associating said fifst workflow includes choosing a first entry in said data structure, 
said data structure is a hierarchical data structure of entities in said identity system, said domain 
includes said first entry and entries below said first entry. 

16. -19. (Canceled) 

20. (Original) One or more processor readable storage devices according to 
claim 14, wherein: 

said steps of associating, receiving and performing are performed by an integrated 
identity and access system. 
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21 . (Original) One or more processor readable storage devices according to 
claim 14, wherein: 

said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

i 

22. (Canceled) 

23, (Previously Presented) One or more processor readable storage devices 
according to claim 15, wherein: 

said hierarchical data structure includes an LDAP directory, 

24, (Currently Amended) An apparatus that uses workflows to perform a task, 

comprising: 

a communication interface; 

one or more processors in communication with said communication interface, 
said one or more processors perform a method comprising the steps of: 

associating each workflow of a plurality of workflows with on e ormoro a 
cnmEspnndrnfl domai n of a plurality of domains in an identity system, each domain of said 
plurality of dnm^nQ comprising one or more entities and each workflow of said plurality of 
workflows using different predefined set of steps to perform the' task; 

receiving a request to perform [[a]] said task that affects at least one identity 
profile associated with an entity in said identity system; 

determining from said one or more plurality of domains, a domain that includes 
said entity with which said at least one identity profile is associated; 

detennining [[a]] from said plurality set of workflow s, a workflow associated with 
said domain and capable of performing said task; 

outputting said oot of workflowo to a usor; 

rec e iving from aaid uGeracoleotion of a - first workflow from paid cot of 
worlcflows; and 

performing said fest workflow for said task; wh e rein: - 

Page 5 of 16 

OID-200S-162-07 

PAGE 9/20 * RCVD AT 9/2/2009 6:11:39 PM [Eastern Daylight Time] 1 SVR:USPTO«EFXRF-5/24 * DNIS:27M300 * CSID:6503262422 * DURATION (mm-5S):0M6 



SEP. 2.2009 2= 30PM TTC-Pft 650-326-2422 



NO. 817 P. 10/20 



AppL No. 09/998,895 PATENT 

Amdt daied September 2, 2009 

Reply to Final Office Action of April 2, 2009 

wherein said performing comprises executing said predefined set of steps of said 
workflow to perform said task: and 

jsaid request includes an identification of said at least one identity profile. 

25. (Currently Amended) An apparatus according to claim 24, wherein: 
said step of associating includes associating said Sm workflow with said domain, 
said step of associating said £*sfc workflow includes choosing a first entry in a data structure, said 
data structure is a hierarchical data structure of entities in the identity system, said fifst domain 
includes said first entry and entries below said first entry. 

26-29. (Canceled) 

30. (Original) An apparatus according to claim 24, wherein: 

said one or more processors are part of an integrated identity and access system. 

31. (Original) An apparatus according to claim 24, wherein: 
said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

32. (Canceled) 

33. (Previously Presented) An apparatus according to claim 25, wherein: 
said hierarchical data structure includes an LDAP directory. 

34. (Previously Presented) A method according to claim 1 , wherein said task 
comprises managing said at least one identity profile. 

35. (Previously Presented) A method according to claim 34, wherein 
m a n agi ng said at least one identity profile comprises one or more tasks selected from: creating a 
user, deleting a user, changing a user attribute, creating a group, deleting a group, and changing a 
group attribute. 
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36, (Previously Presented) A method according to claim 34, wherein 
managing said at least one identity profile comprises managing a certificate associated with said 
at least one identity profile. 

37. ^*0. (Canceled) 

41. (Currently Amended) The method of claim 1, wherein said first workflow 
oompriGOS a predefined oot of otops and performing said one or more steps of said &st workflow 
affects said at least one identity profile by modifying one or more attributes of said at least one 
identity profile said modifying including deleting said at least one identity profile. 

42. -43. (Canceled). 

44. (Previously Presented) The method of claim 41 , wherein said predefined 
set of steps comprising a first step and a second step; 

said first step is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules; at least one of said first program and said second program is 
external to the workflow and wherein said second program performs a second workflow to 
modify one or more attributes of the at least one identity profile. 

45. (Currently Amended) The method of claim 44, wherein said second 
program is identified in an event catalog of said £rat workflow. 

46. (Previously Presented) The method of claim 45, wherein the event catalog 
further identifies one or more parameters for passing information between the first program and 
the second program. 

47. (Currently Amended) The method of claim [[1J] £4, wherein identifying 
said determining said set of workflows that perform said task and are associated with said 
domain that includes said entity with which said at least one identity profile is associated, further 
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comprises identifying workflows of said set of workflows for which a user issuing said request to 
perform said task is authorized. 

48. (Previously Presented) The method of claim 47, wherein said at least one 
identity profile is a static member of a group. 

49. (Previously Presented) The method of claim 48, wherein said at least one 
identity profile is identified as a static member of said group based on a group identity profile for 
said group. 

50. (Previously Presented) The method of claim 47, wherein said at least one 
identity profile is a dynamic member of a group. 

5 1 . (Previously Presented) The method of claim 50, wherein said at least one 
identity profile is identified as a dynamic member of said group based on application of a rule 
defined by a group identity profile for said group. 

j 

52. (Previously Presented) The method of claim 47, wherein said at least one 
identity profile is a nested member of a group. 

53. (Canceled) 

54. (New) The computer-implemented method of claim 1, wherein: 

said determining from said plurality of workflow?, determines a set of workflows 
associated with said domain and capable of performing said task; 
said method further comprising: 
outputting said set of workflows to a user; 

receiving from said user a selection of a first workflow from said set of 
workflows; and 

performing said first workflow for said task. 
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